Static task
static1
Behavioral task
behavioral1
Sample
48f738148170e3bf9a74cb8f65770ca7a9566dd9bf83d298f0737d69fe11d4eb.dll
Resource
win7-20240221-en
General
-
Target
48f738148170e3bf9a74cb8f65770ca7a9566dd9bf83d298f0737d69fe11d4eb
-
Size
120KB
-
MD5
533d8a4212c75b1cbefba824ddbc9c31
-
SHA1
5aa489528799c8346b69c734b0a231f3525a6eb6
-
SHA256
48f738148170e3bf9a74cb8f65770ca7a9566dd9bf83d298f0737d69fe11d4eb
-
SHA512
18a743801a9584aed9c64f5186e62615498c31de70e8cb687dfbb086ac3d84c0ab4909aee049e1cab4ceb53f07c9ed6cdaa1dca725fad165be6c581ea9625e91
-
SSDEEP
1536:IrPkyzTrBlTIgNnYH9xdjGJ3o6U0llRgGVLmhDbE7tayIwUm8Qbi7fvIiJ:YNYgt49xNW3TUGxL5ayrFbi7XIiJ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 48f738148170e3bf9a74cb8f65770ca7a9566dd9bf83d298f0737d69fe11d4eb
Files
-
48f738148170e3bf9a74cb8f65770ca7a9566dd9bf83d298f0737d69fe11d4eb.dll windows:4 windows x86 arch:x86
0f44bf2b3b0b8d5ecae5689ff1d0e90d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode
user32
wsprintfA
Sections
.text Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 376B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ